<?php
/*
  $Program: ECJC Online Shop
  $Id: account_add.php
  $Based on: osCommerce, Open Source E-Commerce Solutions
  Released under the GNU General Public License
*/
  defined( 'joscom' ) or die( 'Direct Access to this location is not allowed.' );
  if (defined( '_OSCOMMERCE_LOADED' )) {
    if (!DB_SHARED) {
      tep_db_connect() or die('Unable to connect to database server!');
    }
    global $category_links, $languages_id, $catID, $catID_array, $current_category_id;
    global $request_type, $lng, $cart, $currencies, $language, $navigation, $breadcrumb;
  } else {
    require('components/'.$option.'/includes/application_top.php');
  }
  require(DIR_WS_FUNCTIONS.'product_manage.php');
  require(DIR_WS_CLASSES.'product_manage.php');
  require(DIR_WS_CLASSES . 'upload.php');
  
  function tep_copy_uploaded_file($filename, $target) {
	if (substr($target, -1) != '/') $target .= '/';

	$target .= $filename['name'];
//die($filename['tmp_name'].$target);

	move_uploaded_file($filename['tmp_name'], $target);
	@chmod($target, 0755);
}
function tep_get_uploaded_file($filename) {
	if (isset($_FILES[$filename])) {
		$uploaded_file = array('name' => $_FILES[$filename]['name'],
		'type' => $_FILES[$filename]['type'],
		'size' => $_FILES[$filename]['size'],
		'tmp_name' => $_FILES[$filename]['tmp_name']);
	} elseif (isset($GLOBALS['HTTP_POST_FILES'][$filename])) {
		global $HTTP_POST_FILES;

		$uploaded_file = array('name' => $HTTP_POST_FILES[$filename]['name'],
		'type' => $HTTP_POST_FILES[$filename]['type'],
		'size' => $HTTP_POST_FILES[$filename]['size'],
		'tmp_name' => $HTTP_POST_FILES[$filename]['tmp_name']);
	} else {
		$uploaded_file = array('name' => $GLOBALS[$filename . '_name'],
		'type' => $GLOBALS[$filename . '_type'],
		'size' => $GLOBALS[$filename . '_size'],
		'tmp_name' => $GLOBALS[$filename]);
	}

return $uploaded_file;
}

  if (!tep_session_is_registered('customer_id')) {
    $navigation->set_snapshot();
    tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL'));
  }
  // only allow Main Admin or approved customers in here.
  $customer_query = tep_db_query("select customers_firstname,customers_lastname,customers_email_address,customers_ap from " . TABLE_CUSTOMERS . " where customers_id = '" . (int)$customer_id . "'");
  $customer = tep_db_fetch_array($customer_query);
global $my;
if ($my->id != '62'){
  if (!$customer['customers_ap']) {
     echo "<script>alert('Administrator must apporve your account for this function'); window.history.go(-1);</script>\n";
     exit();
        }
}
  require(DIR_WS_LANGUAGES . $language . '/account_add.php');

  $action = (isset($_REQUEST['action']) ? $_REQUEST['action'] : '');
  $ecjcID = (isset($_REQUEST['ecjcID']) ? $_REQUEST['ecjcID'] : '');
  
   switch ($action) {
   case 'new_product_preview':

        $products_image = $_FILES['products_image']['name'];
        $file = tep_get_uploaded_file('products_image');
		if (is_uploaded_file($file['tmp_name'])) {
		//die(DIR_WS_IMAGES);
		
			tep_copy_uploaded_file($file, DIR_FS_IMAGES);
		}
        
        if ($products_image) {
        $products_image_name = $_FILES['products_image']['name'];
        //$usrfl_name = $_FILES['usrfl']['name'];
       // die ($products_image);
        }else{
        $products_image_name = (isset($_POST['products_previous_image']) ? $_POST['products_previous_image'] : '');
      //  die ('oops');
        }
        

        
        break;

   case 'insert_product':
   case 'update_product':
        if (isset($_POST['edit_x']) || isset($_POST['edit_y'])) {
          $action = 'new_product';
        } else {
        global $customer_id;
          if (isset($_REQUEST['pID'])) $products_id = tep_db_prepare_input($_REQUEST['pID']);
          $products_date_available = tep_db_prepare_input($_POST['products_date_available']);

          $products_date_available = (date('Y-m-d') < $products_date_available) ? $products_date_available : 'null';

          $sql_data_array = array('products_quantity' => tep_db_prepare_input($_POST['products_quantity']),
                                  'products_model' => tep_db_prepare_input($_POST['products_model']),
                                  'products_price' => tep_db_prepare_input($_POST['products_price']),
                                  'products_date_available' => $products_date_available,
                                  'products_weight' => tep_db_prepare_input($_POST['products_weight']),
                                  'products_depth' => tep_db_prepare_input($_POST['products_depth']),
                                  'products_length' => tep_db_prepare_input($_POST['products_length']),
                                  'products_width' => tep_db_prepare_input($_POST['products_width']),
                                  
                                  'products_status' => '0',	
                                  
                                  'products_tax_class_id' => tep_db_prepare_input($_POST['products_tax_class_id']),
                                  'customer_id' => $customer_id,
                                  'manufacturers_id' => tep_db_prepare_input($_POST['manufacturers_id']));

          if (isset($products_image) && tep_not_null($products_image)) {
            $sql_data_array['products_image'] = tep_db_prepare_input($products_image);
          }

          if ($action == 'insert_product') {
            $insert_sql_data = array('products_date_added' => 'now()');

            $sql_data_array = array_merge($sql_data_array, $insert_sql_data);

            tep_db_perform(TABLE_PRODUCTS, $sql_data_array);
            $products_id = tep_db_insert_id();
	$category_id = $_REQUEST['category_id'];
	
	
            tep_db_query("insert into " . TABLE_PRODUCTS_TO_CATEGORIES . " (products_id, categories_id) values ('" . (int)$products_id . "', '" . (int)$_REQUEST['category_id'] . "')");
          } elseif ($action == 'update_product') {
            $update_sql_data = array('products_last_modified' => 'now()');

            $sql_data_array = array_merge($sql_data_array, $update_sql_data);

            tep_db_perform(TABLE_PRODUCTS, $sql_data_array, 'update', "products_id = '" . (int)$products_id . "'");
          }

          $languages = tep_get_languages();
          for ($i=0, $n=sizeof($languages); $i<$n; $i++) {
            $language_id = $languages[$i]['id'];

            $sql_data_array = array('products_name' => tep_db_prepare_input($_POST['products_name'][$language_id]),
                                    'products_description' => tep_db_prepare_input($_POST['products_description'][$language_id]),
                                    'products_url' => tep_db_prepare_input($_POST['products_url'][$language_id]));

            if ($action == 'insert_product') {
              $insert_sql_data = array('products_id' => $products_id,
                                       'language_id' => $language_id);

              $sql_data_array = array_merge($sql_data_array, $insert_sql_data);

              tep_db_perform(TABLE_PRODUCTS_DESCRIPTION, $sql_data_array);
            } elseif ($action == 'update_product') {
              tep_db_perform(TABLE_PRODUCTS_DESCRIPTION, $sql_data_array, 'update', "products_id = '" . (int)$products_id . "' and language_id = '" . (int)$language_id . "'");
            }
          }

          if (USE_CACHE == 'true') {
            tep_reset_cache_block('categories');
            tep_reset_cache_block('also_purchased');
          }
          define(EMAIL_TEXT_SUBJECT,'New Product was added');
          $category_query = tep_db_query("select categories_name from " . TABLE_CATEGORIES_DESCRIPTION . " where categories_id = '" . (int)$_REQUEST['category_id'] . "' and language_id = '" . (int)$language_id ."'");
          $category = tep_db_fetch_array($category_query);

          $email =  "Hello administrator\n\n";
          $email .= "New product was added to : ".$category['categories_name']."\n\n";
          $email .= "Product was added by : ". $customer['customers_firstname'].' '.$customer['customers_lastname'] ."\n\n";
          $email .= "For approve new product go to administrator panel \n\n";
          tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, EMAIL_TEXT_SUBJECT, $email,$customer['customers_firstname'].' '.$customer['customers_lastname'],$customer['customers_email_address']);
         tep_redirect(tep_href_link('account_manage.php', 'ecjcID=' . $ecjcID . '&pID=' . $products_id));
        }
        break;
   }
  $breadcrumb->add('My Account', tep_href_link(FILENAME_ACCOUNT, '', 'SSL'));
  $breadcrumb->add('Add new product', tep_href_link('account_add.php', '', 'SSL'));
  
//functions required in the template file
function callfunc1()
{
    $parameters = array('products_name' => '',
                       'products_description' => '',
                       'products_url' => '',
                       'products_id' => '',
                       'products_quantity' => '',
                       'products_model' => '',
                       'products_image' => '',
                       'products_price' => '',
                       'products_weight' => '',
                       'products_length' => '',
                       'products_width' => '',
                       'products_depth' => '',
                       'products_date_added' => '',
                       'products_last_modified' => '',
                       'products_date_available' => '',
                       'products_status' => '',
                       'products_tax_class_id' => '',
                       'category_id' => '',
                       'manufacturers_id' => '');
                       
    $pInfo = new objectInfo($parameters);

    if (isset($_REQUEST['pID']) && empty($_POST)) {
      $product_query = tep_db_query("select pd.products_name, pd.products_description, pd.products_url, p.products_id, p.products_quantity, p.products_model, p.products_image, p.products_price, p.products_weight, p.products_depth, p.products_length, p.products_width,  p.products_date_added, p.products_last_modified, date_format(p.products_date_available, '%Y-%m-%d') as products_date_available, p.products_status, p.products_tax_class_id, p.manufacturers_id from " . TABLE_PRODUCTS . " p, " . TABLE_PRODUCTS_DESCRIPTION . " pd where p.products_id = '" . (int)$_REQUEST['pID'] . "' and p.products_id = pd.products_id and pd.language_id = '" . (int)$languages_id . "'");
      $product = tep_db_fetch_array($product_query);

      $pInfo->objectInfo($product);
    } elseif (tep_not_null($_POST)) {
      $pInfo->objectInfo($_POST);
      $products_name = $_POST['products_name'];
      $products_description = $_POST['products_description'];
      $products_url = $_POST['products_url'];
    }

    $manufacturers_array = array(array('id' => '', 'text' => TEXT_NONE));
    $manufacturers_query = tep_db_query("select manufacturers_id, manufacturers_name from " . TABLE_MANUFACTURERS . "  order by manufacturers_name");
  while ($manufacturers = tep_db_fetch_array($manufacturers_query)) {
      $manufacturers_array[] = array('id' => $manufacturers['manufacturers_id'],
                                     'text' => $manufacturers['manufacturers_name']);
    }
    $languages = tep_get_languages();
    //print_r( $languages);
    for ($i=0, $n=sizeof($languages); $i<$n; $i++) {
    //echo $languages[$i]['directory'];
    if ($languages[$i]['directory']==$language) $language_id=$languages[$i]['id'];
    }
    
    $categories_array = array(array('id' => '', 'text' => TEXT_NONE));
    $categories_query = tep_db_query("select a.categories_id,parent_id, b.categories_name from " . TABLE_CATEGORIES . " as a," . TABLE_CATEGORIES_DESCRIPTION . " as b where a.categories_id = b.categories_id and b.language_id = " . (int)$language_id . " order by categories_name");
    while ($categories = tep_db_fetch_array($categories_query)) {
      //echo  $categories['parent_id'];
      $parent_id = $categories['parent_id'];
      if ($parent_id==0)
      {
              $categories_array[] = array('id' => $categories['categories_id'],
                                     'text' => $categories['categories_name']);
                                     $categories_ecjc .= '<option value="'.$categories['categories_id'] .'">'.$categories['categories_name'] .'</option>';
                                     } else {
                                            $txt=NULL;
                                            while ($parent_id!=0) {
                                             //echo $parent_id;
                                             $category_query = tep_db_query("select a.categories_id,parent_id, b.categories_name from " . TABLE_CATEGORIES . " as a," . TABLE_CATEGORIES_DESCRIPTION . " as b where a.categories_id = b.categories_id and a.categories_id = " . $parent_id . " and b.language_id = " . (int)$language_id . " order by categories_name");
                                             $category  =  tep_db_fetch_array($category_query);
                                              $txt .=$category['categories_name']."->" ;
                                              $parent_id = $category['parent_id'];
                                              //die($txt.$parent_id.$category['categories_id']);
                                              }
                                             $categories_array[] = array('id' => $categories['categories_id'],
                                                                   'text' => $txt.$categories['categories_name']);
                                             }
    }

    $tax_class_array = array(array('id' => '0', 'text' => TEXT_NONE));
    $tax_class_query = tep_db_query("select tax_class_id, tax_class_title from " . TABLE_TAX_CLASS . " order by tax_class_title");
    while ($tax_class = tep_db_fetch_array($tax_class_query)) {
      $tax_class_array[] = array('id' => $tax_class['tax_class_id'],
                                 'text' => $tax_class['tax_class_title']);
    }


    if (!isset($pInfo->products_status)) $pInfo->products_status = '1';
    switch ($pInfo->products_status) {
      case '0': $in_status = false; $out_status = true; break;
      case '1':
      default: $in_status = true; $out_status = false;
    }
}

//end functions for template file

require(WS_TEMPLATES . E_TEMPLATE_FOLDER . '/'.$osMod.'.html');
require(DIR_WS_INCLUDES . 'footer.php');
require(DIR_WS_INCLUDES . 'application_bottom.php');

  if (!DB_SHARED) {
    global $database, $mosConfig_host, $mosConfig_user, $mosConfig_password, $mosConfig_db, $mosConfig_dbprefix;
    $database = new database( $mosConfig_host, $mosConfig_user, $mosConfig_password, $mosConfig_db, $mosConfig_dbprefix );
  }